How to do rDNS



NoBaloney2
02-08-2012, 07:53 AM
Herewith, in response to a question in another thread, is my How-To on installing rDNS within DirectAdmin, for an entire IP delegation. While this example is for a Class C delegation (256 IP#s), it doesn't require much in the way of changes to change the delegation size.

Note that we offer rDNS hosting for other companies; we don't just do it for ourselves, so we've got a more complex setup than this because we host multiple in-addr.arpa zones; this setup is simplified for only one in-addr.arpa zone:

First we set up a manually controlled set of files for BIND:

We create a subdirectory inside of /etc: /etc/named, chowned named:named and chmodded 755. This directory and any subdirectories will not be touched by DirectAdmin.

Inside that directory we create another subdirectory, /etc/named/us to indicate the in-addr.arpa zone is for us, not for one of our clients for whom we host rDNS. It's chowned and chmodded the same way. (If you want a user with shell access to be able to modify the files without becoming root, you can make that user a member of the named group and chmod 775 instead of 755.)

In the /etc/named directory, in addition to the us directory we also create a file (chmod 644, chown named:named), reverse.named.conf

The reverse named.conf file contains one line for each in-addr.arpa zone (one of ours shown, for our 74.124.205.0/24 delegation):

zone "205.124.74.in-addr.arpa" { type master; file "/etc/named/us/205.124.74.in-addr.arpa.db"; };

Then in the us subdirectory we create the 205.124.74.in-addr.arpa.db file, chmod 644, chown named:named.

In that line we use a standard header:

$TTL 600
@ IN SOA ns1.ns-one.net. hostmaster.ns-one.net. (
        2012013003 ; serial (YYYYMMDDnn)
        10800      ; refresh
        3600       ; retry
        904800     ; expire
        600 )      ; negative-cache TTL
    IN NS ns1.ns-one.net.
    IN NS ns2.ns-one.net.

Note these values work for us; be sure you understand what you use, and why. Do not use the ns-one.net nameservers; if you do, nothing's going to work; you need to use your own nameservers. I presume you understand how to create a zone file header; others, who don't, may want to hire us to set this up for them; we've been experts in DNS since the 1990s.

Underneath the header we use rDNS records set up this way (these are the first four records in our file; I decline to show others, to preserve our users' privacy, but you can probably find them if you know how to use dig).

0 IN PTR nw101.namelessnet.net.
1 IN PTR gw101.namelessnet.net.
2 IN PTR ns1.namelessnet.net.
3 IN PTR bu1.namelessnet.net.

Note that we assign rDNS for all IP#s in the network; for networks we use the network numbers set up for them in our routers; the first network is defined in our network as nw101. gw101 is the gateway address for nw101, etc. For IP#s not yet assigned we use no101, and for the broadcast address we use bc101, changing the network numbers of course for each network we've built out of the /24.

After this is done, and checked to make sure it's right, we set up the include in /etc/named.conf, to include this /etc/named set in our DNS.

Near the top of /etc/named.conf (we put it right under the rndc.key line):

include "/etc/rndc.key";

We put in this line directly under the line above:

include "/etc/named/reverse.named.conf";

Note that this line will not be affected by anything you do with DirectAdmin.

Once you're done with all of the above, you should restart your BIND and then check to make sure it's running, by doing a lookup on one of your regular domains, and then when that works, trying an rDNS lookup.

For example:

dig -x 74.124.205.95

If everything works except for rDNS, try a trace to find any errors:

dig -x 74.124.205.95 +trace

Anyone who needs this done and isn't sure of his/her ability can hire us; contact me by email at the email address in my siglines.

Jeff
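Added example, not code from the post above: a small Python generator for a /24 in-addr.arpa zone that follows the nw/gw/no/bc naming scheme and the header layout described in the post, plus a check that every offset 0..255 has exactly one fully qualified PTR before the file is handed to BIND. The domain, nameserver names and assigned hosts are constructed placeholders, not the poster's real data.

```python
import ipaddress
import re

# Header mirrors the post's layout; the ns-one.net names are replaced by parameters.
SOA_TEMPLATE = (
    "$TTL 600\n@ IN SOA {ns1}. hostmaster.{domain}. (\n"
    "        {serial} ; serial, YYYYMMDDnn\n        10800 ; refresh\n"
    "        3600 ; retry\n        904800 ; expire\n        600 ) ; negative TTL\n"
    "    IN NS {ns1}.\n    IN NS {ns2}.\n"
)

def reverse_zone_name(network):
    """'74.124.205.0/24' -> '205.124.74.in-addr.arpa' (IPv4 /24 only)."""
    net = ipaddress.ip_network(network, strict=True)
    if net.version != 4 or net.prefixlen != 24:
        raise ValueError("only IPv4 /24 delegations are handled here")
    a, b, c, _ = str(net.network_address).split(".")
    return f"{c}.{b}.{a}.in-addr.arpa"

def build_ptr_zone(network, net_id, assigned, domain, ns1, ns2, serial):
    """One PTR per offset 0..255: assigned hosts, else nw/gw/bc/no<net_id>."""
    reverse_zone_name(network)  # rejects anything but a /24
    out = [SOA_TEMPLATE.format(ns1=ns1, ns2=ns2, domain=domain, serial=serial)]
    for offset in range(256):
        default = {0: "nw", 1: "gw", 255: "bc"}.get(offset, "no") + str(net_id)
        out.append(f"{offset} IN PTR {assigned.get(offset, default)}.{domain}.")
    return "\n".join(out) + "\n"

PTR_RE = re.compile(r"^(\d{1,3})\s+IN\s+PTR\s+(\S+)$")

def check_ptr_zone(text):
    """Parse PTR lines into {offset: target}; raise on gaps, duplicates,
    out-of-range offsets or targets missing the trailing dot (a classic typo)."""
    seen = {}
    for line in text.splitlines():
        m = PTR_RE.match(line)
        if not m:
            continue
        offset, target = int(m.group(1)), m.group(2)
        if offset in seen or offset > 255 or not target.endswith("."):
            raise ValueError(f"bad PTR record: {line!r}")
        seen[offset] = target
    missing = sorted(set(range(256)) - seen.keys())
    if missing:
        raise ValueError(f"no PTR for offsets {missing[:5]}")
    return seen
```

Write the returned text to the zone file named in reverse.named.conf, then run named-checkzone on it before reloading BIND.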